




SENATE COMMISSIONS EXPERT STUDY






Generator Assurance Approaches (I)





Generator Assurance Approaches (III)

Generator Assurance Architectures

- write meta-program that produces annotation - approximates strongest postcondition transform!

4. for each location, identify the responsible schema(s) => annotations not trusted (i.e., not safety-critical) 

5. for each schema, integrate meta-annotations => obligations produced by (trusted) safety policy










• Extend range or safety policies

- type conformance: units, behavioral subtypes, ...

- protocol conformance: locking, separation, ...